package top.sinfonia.demo.security;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author singoasher
 * @date 2018/3/2
 */
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("user").password("{noop}password").roles("USER")
                .and()
                .withUser("user1").password("{noop}password1").roles("USER1")
                .and()
                .withUser("user2").password("{noop}password2").roles("USER2");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/hello/user").hasRole("USER").and().formLogin().and().formLogin();
        http.authorizeRequests().antMatchers("/hello/user1").hasRole("USER1");
        super.configure(http);
    }
}
